<?php
class PremiumUser
{
	private $uid; // user id
	private $fields; // other record fields
		
	public function __construct()
	{
		$this->uid = null;
		$this->fields = array('package_id' => '', 'package_id' => '', 'package_name' => '', 'code' => '', 'email_address' => '', 'password' => '', 'expiry_date' => '', 'active' => 0);
	}
		
	public function __get($field)
	{
		if ($field == 'uid')
		{
			return $this->uid;
		}
		else
		{
			return $this->fields[$field];
		}
	}
	
	
	public function __set($field, $value)
	{
		if (array_key_exists($field, $this->fields))
		{
			$this->fields[$field] = $value;
		}
	}
	

	
	function generateSalt()
	{
	    $rand = md5(rand(000000,999999));
		$this->code = substr($rand,0,6);
		
		
	}
	
	
	// return if email address is valid format
	public static function validateEmail($email)
	{
		return filter_var($email, FILTER_VALIDATE_EMAIL);
	}
	
	// return an object populated based on the record's user id
	public static function getById($uid)
	{
		$user = new PremiumUser();
		$query = sprintf('SELECT * FROM premium_accounts WHERE uid = %d', $uid);
		$result = mysql_query($query, $GLOBALS['DB']);
		if(mysql_num_rows($result))
		{
			$row = mysql_fetch_assoc($result);
			$user->password = $row['password'];
			$user->email_address = $row['email_address'];
			$user->active = $row['active'];
			$user->date_registration = $row['date_registration'];
			$user->uid = $uid;
		}
		mysql_free_result($result);
		return $user;
	}
	
	
	//this will return true if email is already being used
	public static function emailExists($email)
	{	
		$query = sprintf('SELECT * FROM premium_accounts WHERE email_address = "%s"', $email);
		$result = mysql_query($query, $GLOBALS['DB']);
		if(mysql_num_rows($result) > 0)
		{
			$exists = true;
		}else
		{
		    $exists = false;
		}
		mysql_free_result($result);
		return $exists;
	}
	
	
	//this function will return only user id by username
	public static function getIdByEmail($email)
	{
		$id = 0;
		$query = sprintf('SELECT uid FROM premium_accounts WHERE email_address = "%s"', 	mysql_real_escape_string($email, $GLOBALS['DB']));
		$result = mysql_query($query, $GLOBALS['DB']);
		if (mysql_num_rows($result))
		{
			$row = mysql_fetch_assoc($result);
			$id = $row['uid'];
		}
			mysql_free_result($result);
			return $id;			

	}	
	
	// save the record to the database
	public function save()
	{
		if (empty($this->uid))
		{
		    $this->generateSalt(); //generating salt for password encryption. Salt will never need to be updated by user or admin. this is one time generation.
			$query = sprintf("INSERT INTO premium_accounts (package_id,  email_address, password, code,  active,  package_name, expiry_date, date) VALUES ('%d', '%s','%s', '%s', %d, '%s', '%s', NOW())",makesafe($this->package_id), makesafe($this->email_address),
			md5($this->code.$this->password), $this->code, $this->active, makesafe($this->package_name), makesafe($this->expiry_date));


			if (mysql_query($query, $GLOBALS['DB']))
			{
				$this->uid = mysql_insert_id($GLOBALS['DB']);
                $mail = new Email($this->email_address, SITE_NAME.' - Premium Account Signup', 'Thank you for signup at '.SITE_NAME.' for premium account. Your premium account signup is complete, Now you can enjoy premium features at '.SITE_NAME.' <br /> Your Account Login: <br /> Email:  '.$this->email_address."<br />Password: ".$this->password."<br /><br />".SITE_NAME.' Team', 1);
				$mail->sendMail();
				return true;
			}
			else
			{
				return false;
			}
		}
	}
	
	
	// save the record to the database
	public function save2() //This function wont send email.
	{
		if (empty($this->uid))
		{
		    $this->generateSalt(); //generating salt for password encryption. Salt will never need to be updated by user or admin. this is one time generation.
			$query = sprintf("INSERT INTO premium_accounts (package_id,  email_address, password, code,  active,  package_name, expiry_date, date) VALUES ('%d', '%s','%s', '%s', %d, '%s', '%s', NOW())",makesafe($this->package_id), makesafe($this->email_address),
			md5($this->code.$this->password), $this->code, $this->active, makesafe($this->package_name), makesafe($this->expiry_date));



			if (mysql_query($query, $GLOBALS['DB']))
			{
				$this->uid = mysql_insert_id($GLOBALS['DB']);
				return true;
			}
			else
			{
				echo $query;
				return false;
			}
		}
	}	
	

	
	

	public static function EncryptPass($email_address, $password) // This function will return an encrypted password if account details are correct .. 
	{
	   
	   $query = sprintf('SELECT code FROM premium_accounts WHERE email_address = "%s" AND active = 1 LIMIT 1', 	mysql_real_escape_string($email_address, $GLOBALS['DB']));
	   $sql = mysql_query($query);
	   if(mysql_num_rows($sql)>0)
	   {
	     $row = mysql_fetch_array($sql);
		 $salt = trim($row['code']);
    	 $encrypted = md5($salt.trim($password)); 
		 
		 
		 return $encrypted; 
	   }else
	   {
	       return false;
	   }

	}
	
	public static function doAuth($email_address, $password) //This will login the user, return false on fail, encrypted password should be pass in parameter, uid on success
	{
       
	   $query = sprintf('SELECT uid FROM premium_accounts WHERE email_address = "%s" AND password = "%s" AND active = 1 LIMIT 1', 	mysql_real_escape_string($email_address, $GLOBALS['DB']), mysql_real_escape_string($password, $GLOBALS['DB']));

	   $sql = mysql_query($query);
	   if(mysql_num_rows($sql)>0)
	   {
	     $row = mysql_fetch_array($sql);
		    return $row['uid'];
	     
	   }else
	   {  
	      
	       return false;
	   }
	    
	
	}
	
	
	public static function isAccountExpired($email, $password)
	{
	   $query = sprintf('SELECT expiry_date FROM premium_accounts WHERE email_address = "%s" AND password = "%s" LIMIT 1', 	mysql_real_escape_string($email, $GLOBALS['DB']), mysql_real_escape_string($password, $GLOBALS['DB']));
	   $sql = mysql_query($query);
	   if(mysql_num_rows($sql)>0)
	   {
   	        $row = mysql_fetch_array($sql); 
		    $expiry_date  = $row['expiry_date'];
		    $now = date('Y-m-d H:i:s');
			if($now >= $expiry_date)
			{
			     mysql_query("DELETE FROM premium_accounts WHERE email_address = '".makesafe($email)."' AND password = '".makesafe($password)."' LIMIT 1");	
				 return true;
			}
	     
	   }else
	   {  
	      
	       return false;
	   }   		
	}
	
	
	
	public static function isAccountExpiredById($uid)
	{
	   $query = "SELECT expiry_date FROM premium_accounts WHERE uid =  '".makesafe($uid)."' LIMIT 1";
	   $sql = mysql_query($query);
	   if(mysql_num_rows($sql)>0)
	   {
   	        $row = mysql_fetch_array($sql); 
		    $expiry_date  = $row['expiry_date'];
		    $now = date('Y-m-d H:i:s');
			if($now >= $expiry_date)
			{
			     mysql_query("DELETE FROM premium_accounts WHERE email_address = '".makesafe($email)."' AND password = '".makesafe($password)."' LIMIT 1");	
				 return true;
			}
	     
	   }else
	   {  
	      
	       return false;
	   }  		
	}
	
}


?>
